From owner-svn-src-all@freebsd.org Sat May 11 17:54:33 2019 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6F88115A3559; Sat, 11 May 2019 17:54:33 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 3EBE56AD07; Sat, 11 May 2019 17:54:32 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from spqr.komquats.com ([70.67.125.17]) by shaw.ca with ESMTPA id PWCVhGCOHldkPPWCWhNIur; Sat, 11 May 2019 11:54:25 -0600 X-Authority-Analysis: v=2.3 cv=Ko4zJleN c=1 sm=1 tr=0 a=VFtTW3WuZNDh6VkGe7fA3g==:117 a=VFtTW3WuZNDh6VkGe7fA3g==:17 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19 a=8nJEP1OIZ-IA:10 a=E5NmQfObTbMA:10 a=YxBL1-UpAAAA:8 a=6I5d2MoRAAAA:8 a=UHKYGRcFH3URBF6ry7YA:9 a=wPNLvfGTeEIA:10 a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22 Received: from slippy.cwsent.com (slippy8 [10.2.2.6]) by spqr.komquats.com (Postfix) with ESMTPS id B0E5FC24; Sat, 11 May 2019 10:54:22 -0700 (PDT) Received: from slippy.cwsent.com (localhost [127.0.0.1]) by slippy.cwsent.com (8.15.2/8.15.2) with ESMTP id x4BHs3Xh009035; Sat, 11 May 2019 10:54:03 -0700 (PDT) (envelope-from Cy.Schubert@cschubert.com) Received: from slippy (cy@localhost) by slippy.cwsent.com (8.15.2/8.15.2/Submit) with ESMTP id x4BHrxUA009032; Sat, 11 May 2019 11:53:59 -0600 (MDT) (envelope-from Cy.Schubert@cschubert.com) Message-Id: <201905111753.x4BHrxUA009032@slippy.cwsent.com> X-Authentication-Warning: slippy.cwsent.com: cy owned process doing -bs X-Mailer: exmh version 2.8.0 04/21/2012 with nmh-1.7.1 Reply-to: Cy Schubert From: Cy Schubert X-os: FreeBSD X-Sender: cy@cwsent.com X-URL: http://www.cschubert.com/ To: Andrew Gallatin cc: Kristof Provost , Slawa Olhovchenkov , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r347410 - in head: . sys/amd64/conf sys/arm/conf sys/arm64/conf sys/i386/conf sys/powerpc/conf sys/riscv/conf sys/sparc64/conf In-Reply-To: Message from Andrew Gallatin of "Sat, 11 May 2019 09:37:12 -0400." <0c6911b6-6fa0-74cd-8999-c628bc3b2a9d@cs.duke.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Date: Sat, 11 May 2019 11:53:59 -0600 X-CMAE-Envelope: MS4wfIEw+CfyxnfeP1VXq7onBbTIUJ7xuRq/F83IiLJ54LjUP+G6s+SXyYIp8+YMUu/yZK+Wco2mWdyWGmOe+uEcVucRBYEz2arxXldEvzfEE5fkL49fQGj2 nwB++0oyQBttFS2YX0N0mlkJ1k2cgshXb/cVVS07a9zK6d/oCybFxQKLMzz9CS2zL/fAzmqbQKeI106v1uACPt5/tB0pvE8C93h6W4OFPsgcqzzk7E9T48Jr DCMR8hiuOq9GaXMNAa3175+/I7sqsealemBaBQJ3ULOcPi+/hKBhmIqa4sNog/x6Ywx8XFK/67snfUFQqaMXxdp3a1Fp+E7aXwdEwSjB/+4= X-Rspamd-Queue-Id: 3EBE56AD07 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-5.10 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; RECEIVED_SPAMHAUS_PBL(0.00)[17.125.67.70.zen.spamhaus.org : 127.0.0.11]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; HAS_REPLYTO(0.00)[Cy.Schubert@cschubert.com]; RCPT_COUNT_FIVE(0.00)[6]; REPLYTO_EQ_FROM(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: spqr.komquats.com]; NEURAL_HAM_SHORT(-0.90)[-0.900,0]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6327, ipnet:64.59.128.0/20, country:CA]; RCVD_TLS_LAST(0.00)[]; IP_SCORE(-2.49)[ip: (-6.66), ipnet: 64.59.128.0/20(-3.23), asn: 6327(-2.48), country: CA(-0.09)]; RCVD_IN_DNSWL_LOW(-0.10)[12.134.59.64.list.dnswl.org : 127.0.5.1] X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 May 2019 17:54:33 -0000 In message <0c6911b6-6fa0-74cd-8999-c628bc3b2a9d@cs.duke.edu>, Andrew Gallatin writes: > On 2019-05-10 11:50, Kristof Provost wrote: > > On 10 May 2019, at 8:31, Andrew Gallatin wrote: > > > > On 2019-05-10 08:44, Slawa Olhovchenkov wrote: > > > > pf have ifdef for IPSEC, but don't have support IPSEC_SUPPORT > > (netpfil/pf/if_pfsync.c). > > > > Thanks for pointing this out. It seems like IPSEC_SUPPORT would work > > for this. I've made a patch, and it compiles and the pf module loads. > > However, I have no knowledge of how to test it. Is this something > > that you use, and which you can test? > > > > I suspect this code has not actually been enabled for a long time. > > gettdb() doesn’t actually appear to be defined anywhere, so I wouldn’t > > expect it to ever compile. > > > > gettdb() does exist in OpenBSD, so my current guess is that this is just > > an import artefact, and we should |#ifdef OPENBSD| it or something, or > > just remove it completely. > > > > For completeness, and because I never shut up about this: to test pf > > |kldload pfsync|, |cd /usr/tests/sys/netpfil/pf| and |sudo kyua test| > > > > There’s more information in the current edition of the FreeBSD journal. > > > > Regards, > > Kristof > > > > Thanks, you are correct. Including options_ipsec.h reveals that the > code does not even compile (cannot find gettdb(), which does not appear > to be defined anywhere in our tree). > > Given that it is dead code, I'd rather just not touch it. IP Filter zeros out the pointer to rcvif when IPSEC is compiled in. Looking at the upstream code, Darren checks for IPSEC only for BSD based kernels. Zeroing out the pointer only when IPSEC is compiled in, regardless whether the mbuf in question was touched by IPSEC or not seems a little sketchy to me. However I'm inclined to use IPSEC_SUPPORT for now until it can be established whether to keep or remove it. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few.